diff options
author | Ben Hutchings <benh@debian.org> | 2017-02-23 21:55:28 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2017-02-23 21:55:28 +0000 |
commit | c77a05b32b2f63a5cefb610c25affbe3a5afe807 (patch) | |
tree | 83c44ec760bac31786ce6385a318fbf76a8d8e81 /retired/CVE-2016-7917 | |
parent | 8006483d9aab4dfb5da87b728df3166107707e9e (diff) |
Retire many issues now released (or N/A or ignored) in all branches
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5001 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2016-7917')
-rw-r--r-- | retired/CVE-2016-7917 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2016-7917 b/retired/CVE-2016-7917 new file mode 100644 index 00000000..78f54448 --- /dev/null +++ b/retired/CVE-2016-7917 @@ -0,0 +1,19 @@ +Description: + The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does + not check whether a batch message's length field is large enough, which allows local users to + obtain sensitive information from kernel memory or cause a denial of service (infinite loop or + out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. +References: + http://source.android.com/security/bulletin/2016-11-01.html +Notes: + carnil> Introduced in 3.19-rc5 with 9ea2aa8b7dba9e99544c4187cc298face254569f but needs double + carnil> check if backported. + bwh> It was backported to 3.16-stable as commit d922a1cee45e (among other + bwh> stable branches) +Bugs: +upstream: released (4.5-rc6) [c58d6c93680f28ac58984af61d0a7ebf4319c241] +3.16-upstream-stable: released (3.16.40) [netfilter-nfnetlink-correctly-validate-length-of-batch-messages.patch] +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.5.1-1) +3.16-jessie-security: released (3.16.39-1) [bugfix/all/netfilter-nfnetlink-correctly-validate-length-of-bat.patch] +3.2-wheezy-security: N/A "Vulnerable code not present" |